Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Frame 198: 170 bytes on wire (1360 bits), 170 bytes captured (1360 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 8.8.4.4, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 156
- Identification: 0xbe91 (48785)
- Flags: 0x00
- Fragment offset: 0
- Time to live: 51
- Protocol: UDP (17)
- Header checksum: 0x1094 [validation disabled]
- [Header checksum status: Unverified]
- Source: 8.8.4.4
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., 37.750999, -97.821999]
- [Destination GeoIP: Unknown]
- User Datagram Protocol, Src Port: 53, Dst Port: 54238
- Source Port: 53
- Destination Port: 54238
- Length: 136
- Checksum: 0x43ca [unverified]
- [Checksum Status: Unverified]
- [Stream index: 9]
- Domain Name System (response)
- Transaction ID: 0xf26e
- Flags: 0x8180 Standard query response, No error
- Questions: 1
- Answer RRs: 6
- Authority RRs: 0
- Additional RRs: 0
- Queries
- www.google.com: type A, class IN
- Name: www.google.com
- [Name Length: 14]
- [Label Count: 3]
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Answers
- www.google.com: type A, class IN, addr 74.125.124.105
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.105
- www.google.com: type A, class IN, addr 74.125.124.99
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.99
- www.google.com: type A, class IN, addr 74.125.124.103
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.103
- www.google.com: type A, class IN, addr 74.125.124.104
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.104
- www.google.com: type A, class IN, addr 74.125.124.106
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.106
- www.google.com: type A, class IN, addr 74.125.124.147
- Name: www.google.com
- Type: A (Host Address) (1)
- Class: IN (0x0001)
- Time to live: 138
- Data length: 4
- Address: 74.125.124.147
- Frame 200: 102 bytes on wire (816 bits), 102 bytes captured (816 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 8.8.4.4, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 88
- Identification: 0xe9d3 (59859)
- Flags: 0x00
- Fragment offset: 0
- Time to live: 51
- Protocol: UDP (17)
- Header checksum: 0xe595 [validation disabled]
- [Header checksum status: Unverified]
- Source: 8.8.4.4
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., 37.750999, -97.821999]
- [Destination GeoIP: Unknown]
- User Datagram Protocol, Src Port: 53, Dst Port: 54238
- Source Port: 53
- Destination Port: 54238
- Length: 68
- Checksum: 0x28e5 [unverified]
- [Checksum Status: Unverified]
- [Stream index: 9]
- Domain Name System (response)
- Transaction ID: 0x0e65
- Flags: 0x8180 Standard query response, No error
- Questions: 1
- Answer RRs: 1
- Authority RRs: 0
- Additional RRs: 0
- Queries
- www.google.com: type AAAA, class IN
- Name: www.google.com
- [Name Length: 14]
- [Label Count: 3]
- Type: AAAA (IPv6 Address) (28)
- Class: IN (0x0001)
- Answers
- www.google.com: type AAAA, class IN, addr 2607:f8b0:4001:c12::68
- Name: www.google.com
- Type: AAAA (IPv6 Address) (28)
- Class: IN (0x0001)
- Time to live: 299
- Data length: 16
- AAAA Address: 2607:f8b0:4001:c12::68
- Frame 208: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 60
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8b5 [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 0, Ack: 1, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 0 (relative sequence number)
- Acknowledgment number: 1 (relative ack number)
- Header Length: 40 bytes
- Flags: 0x012 (SYN, ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..1. = Syn: Set
- [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port 443]
- [Connection establish acknowledge (SYN+ACK): server port 443]
- [Severity level: Chat]
- [Group: Sequence]
- .... .... ...0 = Fin: Not set
- [TCP Flags: ·······A··S·]
- Window size value: 28160
- [Calculated window size: 28160]
- Checksum: 0x0620 [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
- Maximum segment size: 1360 bytes
- TCP SACK Permitted Option: True
- Timestamps: TSval 791361978, TSecr 82386
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Window scale: 8 (multiply by 256)
- Frame 212: 74 bytes on wire (592 bits), 74 bytes captured (592 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 60
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8b5 [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 0, Ack: 1, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 0 (relative sequence number)
- Acknowledgment number: 1 (relative ack number)
- Header Length: 40 bytes
- Flags: 0x012 (SYN, ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..1. = Syn: Set
- [Expert Info (Chat/Sequence): Connection establish acknowledge (SYN+ACK): server port 443]
- [Connection establish acknowledge (SYN+ACK): server port 443]
- [Severity level: Chat]
- [Group: Sequence]
- .... .... ...0 = Fin: Not set
- [TCP Flags: ·······A··S·]
- Window size value: 28160
- [Calculated window size: 28160]
- Checksum: 0x04f5 [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (20 bytes), Maximum segment size, SACK permitted, Timestamps, No-Operation (NOP), Window scale
- Maximum segment size: 1360 bytes
- TCP SACK Permitted Option: True
- Timestamps: TSval 791362277, TSecr 82386
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Window scale: 8 (multiply by 256)
- [SEQ/ACK analysis]
- [TCP Analysis Flags]
- [Expert Info (Note/Sequence): This frame is a (suspected) retransmission]
- [This frame is a (suspected) retransmission]
- [Severity level: Note]
- [Group: Sequence]
- [The RTO for this segment was: 0.090266000 seconds]
- [RTO based on delta from frame: 208]
- Frame 270: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 52
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8bd [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 2316, Ack: 196, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 2316 (relative sequence number)
- Acknowledgment number: 196 (relative ack number)
- Header Length: 32 bytes
- Flags: 0x011 (FIN, ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..0. = Syn: Not set
- .... .... ...1 = Fin: Set
- [Expert Info (Chat/Sequence): Connection finish (FIN)]
- [Connection finish (FIN)]
- [Severity level: Chat]
- [Group: Sequence]
- [TCP Flags: ·······A···F]
- Window size value: 115
- [Calculated window size: 29440]
- [Window size scaling factor: 256]
- Checksum: 0x6ca7 [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Timestamps: TSval 791372687, TSecr 82845
- Frame 289: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 52
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8bd [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 2317, Ack: 196, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 2317 (relative sequence number)
- Acknowledgment number: 196 (relative ack number)
- Header Length: 32 bytes
- Flags: 0x010 (ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..0. = Syn: Not set
- .... .... ...0 = Fin: Not set
- [TCP Flags: ·······A····]
- Window size value: 115
- [Calculated window size: 29440]
- [Window size scaling factor: 256]
- Checksum: 0x3a1f [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Timestamps: TSval 791383117, TSecr 85351
- [SEQ/ACK analysis]
- [TCP Analysis Flags]
- [This is a TCP duplicate ack]
- [Duplicate ACK #: 1]
- [Duplicate to the ACK in frame: 217]
- [Expert Info (Note/Sequence): Duplicate ACK (#1)]
- [Duplicate ACK (#1)]
- [Severity level: Note]
- [Group: Sequence]
- Frame 396: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 52
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8bd [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 2317, Ack: 196, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 2317 (relative sequence number)
- Acknowledgment number: 196 (relative ack number)
- Header Length: 32 bytes
- Flags: 0x010 (ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..0. = Syn: Not set
- .... .... ...0 = Fin: Not set
- [TCP Flags: ·······A····]
- Window size value: 115
- [Calculated window size: 29440]
- [Window size scaling factor: 256]
- Checksum: 0x112b [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Timestamps: TSval 791393601, TSecr 85351
- [SEQ/ACK analysis]
- [TCP Analysis Flags]
- [This is a TCP duplicate ack]
- [Duplicate ACK #: 2]
- [Duplicate to the ACK in frame: 217]
- [Expert Info (Note/Sequence): Duplicate ACK (#2)]
- [Duplicate ACK (#2)]
- [Severity level: Note]
- [Group: Sequence]
- Frame 453: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
- Ethernet II, Src: RealtekU_12:35:02 (52:54:00:12:35:02), Dst: PcsCompu_49:c7:a0 (08:00:27:49:c7:a0)
- Internet Protocol Version 4, Src: 74.125.124.105, Dst: 172.31.0.1
- 0100 .... = Version: 4
- .... 0101 = Header Length: 20 bytes (5)
- Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
- Total Length: 52
- Identification: 0x0000 (0)
- Flags: 0x02 (Don't Fragment)
- Fragment offset: 0
- Time to live: 63
- Protocol: TCP (6)
- Header checksum: 0xc8bd [validation disabled]
- [Header checksum status: Unverified]
- Source: 74.125.124.105
- Destination: 172.31.0.1
- [Source GeoIP: United States, AS15169 Google Inc., Mountain View, CA, 37.419201, -122.057404]
- [Destination GeoIP: Unknown]
- Transmission Control Protocol, Src Port: 443, Dst Port: 39190, Seq: 2317, Ack: 196, Len: 0
- Source Port: 443
- Destination Port: 39190
- [Stream index: 6]
- [TCP Segment Len: 0]
- Sequence number: 2317 (relative sequence number)
- Acknowledgment number: 196 (relative ack number)
- Header Length: 32 bytes
- Flags: 0x010 (ACK)
- 000. .... .... = Reserved: Not set
- ...0 .... .... = Nonce: Not set
- .... 0... .... = Congestion Window Reduced (CWR): Not set
- .... .0.. .... = ECN-Echo: Not set
- .... ..0. .... = Urgent: Not set
- .... ...1 .... = Acknowledgment: Set
- .... .... 0... = Push: Not set
- .... .... .0.. = Reset: Not set
- .... .... ..0. = Syn: Not set
- .... .... ...0 = Fin: Not set
- [TCP Flags: ·······A····]
- Window size value: 115
- [Calculated window size: 29440]
- [Window size scaling factor: 256]
- Checksum: 0xe6f4 [unverified]
- [Checksum Status: Unverified]
- Urgent pointer: 0
- Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- No-Operation (NOP)
- Type: 1
- 0... .... = Copy on fragmentation: No
- .00. .... = Class: Control (0)
- ...0 0001 = Number: No-Operation (NOP) (1)
- Timestamps: TSval 791404407, TSecr 85351
- [SEQ/ACK analysis]
- [TCP Analysis Flags]
- [This is a TCP duplicate ack]
- [Duplicate ACK #: 3]
- [Duplicate to the ACK in frame: 217]
- [Expert Info (Note/Sequence): Duplicate ACK (#3)]
- [Duplicate ACK (#3)]
- [Severity level: Note]
- [Group: Sequence]
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement